“Every organization needs to evaluate the security risks associated with their business partners,” said Tim Erlin, director of IT security and risk strategist for Tripwire. “Partnerships provide an important growth mechanism for organizations today, but they also introduce risk. Organizations must invest in securing their points of interaction with partners.”

Additional findings from the study include:
• While ninety-five percent of respondents believe a supplier or partner security breach could expose valuable data, sixty-one percent said they were unconcerned or have bigger concerns.
• Less than half (forty-four percent) said their organizations require partners and suppliers to pass security audits before they sign a contract with them.
• Thirty-four percent use partners and suppliers that fail to meet their security standards.
• A quarter (twenty-five percent) admitted their organizations do not evaluate whether suppliers met their security requirements.
• Half said they make exceptions or offer different standards for some partners.

http://www.tripwire.com/company/research/tripwire-2016-supply-chain-survey/